CMMC v2.0 - Personnel Security
by Tara Lemieux
1. PS.L2-3.9.1 Screen individuals prior to authorizing access to organizational systems containing CUI.
1.1. Determine if:
1.1.1. IA.L1-3.5.2: The effective screening of personnel provided by this practice, PS.L2-3.9.1, improves upon the effectiveness of authentication performed in IA.L1-3.5.2.
1.2. (a) individuals are screened prior to authorizing access to organizational systems containing CUI"
2. PS.L2-3.9.2 Ensure that organizational systems containing CUI are protected during and after personnel actions such as terminations and transfers.
2.1. Determine if:
2.1.1. IA.L1-3.5.1: This practice leverages the identification of system users required by IA.L1-3.5.1 in order to ensure that all accesses are identified and removed.